11.22 500x

显示全部楼层 · 发表于 2008-11-22 20:41:34

TO KL完毕

显示全部楼层 · 发表于 2008-11-22 21:03:08

支持下。。。
估计我不会扫描

显示全部楼层 · 发表于 2008-11-23 09:32:04

Scan Log
Version of virus signature database: 3632 (20081121)
Date: 2008/11/23 Time: 9:27:24
Scanned disks, folders and files: G:\v\1122

Number of scanned objects: 546
Number of threats found: 424
Number of cleaned objects: 423
Time of completion: 9:30:37 Total scanning time: 193 sec (00:03:13)

Notes:
[1] Object has been deleted as it only contained the virus body.
[7] Object is probably infected with an unknown virus.

显示全部楼层 · 发表于 2008-11-23 09:33:47

里面有无数个swizzor

显示全部楼层 · 发表于 2008-11-23 15:23:25

具体有多少个swizzor我用uguard 一扫便知

显示全部楼层 · 发表于 2008-11-23 17:08:39

分流完毕

http://www.live-share.com/files/367947/1122.rar.html

显示全部楼层 · 发表于 2008-11-23 21:36:53

NORMAN 345个，沙盘发现10个

显示全部楼层 · 发表于 2008-11-23 21:39:57

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/23/2008 at 09:38 PM

Application Version : 4.22.1014

Core Rules Database Version : 3648
Trace Rules Database Version: 1631

Scan type    : Custom Scan
Total Scan Time : 00:00:54

Memory items scanned    : 0
Memory threats detected : 0
Registry items scanned : 0
Registry threats detected : 0
File items scanned       : 510
File threats detected    : 65

Trojan.Agent/Gen
C:\TEST\0811\COL2\08223B03.DLL
C:\TEST\0811\COL2\122B901E.DLL
C:\TEST\0811\COL2\16AF66EB.DLL
C:\TEST\0811\COL2\201476D0.DLL
C:\TEST\0811\COL2\2EF0D734.DLL
C:\TEST\0811\COL2\34A25F04.DLL
C:\TEST\0811\COL2\3B8DA919.DLL
C:\TEST\0811\COL2\56BC86C7.DLL
C:\TEST\0811\COL2\58FF3024.DLL
C:\TEST\0811\COL2\5934EA2B.DLL
C:\TEST\0811\COL2\66AFCB56.DLL
C:\TEST\0811\COL2\8566F82E.DLL
C:\TEST\0811\COL2\9CA963CA.DLL
C:\TEST\0811\COL2\B3721C07.DLL
C:\TEST\0811\COL2\B8E83D3C.DLL
C:\TEST\0811\COL2\BA7EDF54.DLL
C:\TEST\0811\COL2\C8EB51BC.DLL
C:\TEST\0811\COL2\D7C79813.DLL
C:\TEST\0811\COL2\DA63E650.DLL
C:\TEST\0811\COL2\DFEC5CB7.DLL
C:\TEST\0811\COL2\E0D39066.DLL
C:\TEST\0811\COL2\E1D19FCC.DLL
C:\TEST\0811\COL2\E4814792.DLL
C:\TEST\0811\COL2\F8E07BB2.DLL

Trojan.TempCom
C:\TEST\0811\COL2\0B340.COM

Trojan.DMRemoteSetup
C:\TEST\0811\COL2\101646.EXE

Trojan.Unknown Origin
C:\TEST\0811\COL2\2008-11-21___1517295.EXE
C:\TEST\0811\COL2\2008-11-21___2663902.EXE
C:\TEST\0811\COL2\2008-11-21___2715022.EXE
C:\TEST\0811\COL2\2008-11-21___525009.EXE
C:\TEST\0811\COL2\~TMPB.EXE

Trojan.Tencent/Variant
C:\TEST\0811\COL2\2008-11-21___2216992.EXE
C:\TEST\0811\COL2\2008-11-21___2225198.EXE
C:\TEST\0811\COL2\53U1TTME.2YS
C:\TEST\0811\COL2\VITNNT64.987
C:\TEST\0811\COL2\V_V200E.TMP

Trojan.Unclassified/FSG-Compressed
C:\TEST\0811\COL2\9129837.EXE

Rootkit.ACPIDisk
C:\TEST\0811\COL2\ACPIDISK.SYS

Trojan.Dropper/Gen-NV
C:\TEST\0811\COL2\APCDLI.SYS
C:\TEST\0811\COL2\SVCHOSTS.EXE

Rootkit.KeyThief
C:\TEST\0811\COL2\B160485.SYS
C:\TEST\0811\COL2\DE8296F.SYS
C:\TEST\0811\COL2\F35EE9E.SYS

Trojan.Unclassified-Packed/Suspicious
C:\TEST\0811\COL2\CKDS16.DLL
C:\TEST\0811\COL2\MSXML71.DLL
C:\TEST\0811\COL2\QMDISPATCH.DLL

Trojan.DOmen
C:\TEST\0811\COL2\CSJUP.EXE

Trojan.Csrssc/Systemc-B
C:\TEST\0811\COL2\CSRSSC.EXE

Adware.ZenoSearch
C:\TEST\0811\COL2\DWDSREGT.EXE

Adware.Vundo Variant/QEF
C:\TEST\0811\COL2\HEHEDEBI.DLL

Adware.Media Gateway
C:\TEST\0811\COL2\MEDIAGATEWAY.EXE

Adware.ClickSpring/MediaTickets
C:\TEST\0811\COL2\MEDIATICKETSINSTALLER.OCX

Adware.Vundo/Variant
C:\TEST\0811\COL2\PMNOLEDA.DLL

Adware.Search Bar
C:\TEST\0811\COL2\SRCHBAR.DLL

Trojan.Dropper/SVCHost-Fake
C:\TEST\0811\COL2\SVCHOST.EXE

Trojan.Downloader-SVCHOTS
C:\TEST\0811\COL2\SVCHOTS.EXE

Trojan.WinSystem
C:\TEST\0811\COL2\SYSSMSS.EXE

Trojan.CamCap
C:\TEST\0811\COL2\THEMATRIXHASYOU.EXE

Trojan.Fengcent/Quicklink
C:\TEST\0811\COL2\UPDATE.EXE

Trojan.Unclassified/VCMGCD32
C:\TEST\0811\COL2\VCMGCD32.DLL

Rogue.AntiSpywareSolutionPro
C:\TEST\0811\COL2\VIRUSREMOVER2008_SETUP_FREE_EN.EXE

Adware.WebSurf
C:\TEST\0811\COL2\WEBBROWSER_2145.DLL

Trojan.FakeAlert
C:\TEST\0811\COL2\XJNS.EXE

Trojan.Dropper/BotNet
C:\TEST\0811\COL2\YLLZ.EXE

Worm.HappyNewYear
C:\TEST\0811\COL2\~.EXE.4444890.EXE

显示全部楼层 · 发表于 2008-11-23 21:43:02

Malwarebytes' Anti-Malware 1.30
数据库版本： 1417
Windows 5.1.2600 Service Pack 2

2008-11-23 21:42:06
mbam-log-2008-11-23 (21-41-58).txt

扫描类型：快速扫描
被扫描对象数目： 497
时间过去： 30 second(s)

被感染内存进程数目： 0
被感染内存模块数目： 0
被感染注册表项数目： 0
被感染注册表值数目： 0
被感染注册表数据项数目： 0
被感染文件夹数目： 0
被感染文件数目： 29

被感染文件数目：
c:\Test\0811\COL2\lei53.tmp (Backdoor.ProRat) -> No action taken.
c:\Test\0811\COL2\linkinfo.dll (Trojan.Downloader) -> No action taken.
c:\Test\0811\COL2\dzhoil.dll (Trojan.FakeAlert) -> No action taken.
c:\Test\0811\COL2\pmnoLeda.dll (Trojan.Vundo) -> No action taken.
c:\Test\0811\COL2\35.tmp.exe (Trojan.Agent) -> No action taken.
c:\Test\0811\COL2\cpush.dll (Adware.Sogou) -> No action taken.
c:\Test\0811\COL2\wmimgr32.dll (Trojan.Downloader) -> No action taken.
c:\Test\0811\COL2\ckds16.dll (Trojan.Fakealert) -> No action taken.
c:\Test\0811\COL2\XjNs.exe (Trojan.Downloader) -> No action taken.
c:\Test\0811\COL2\~tmpb.exe (Trojan.Agent) -> No action taken.
c:\Test\0811\COL2\~tmpc.exe (Trojan.FakeAlert) -> No action taken.
c:\Test\0811\COL2\wdfmgr.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\wdfmgr11.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\hehedebi.dll (Trojan.Vundo) -> No action taken.
c:\Test\0811\COL2\k0o.exe (Trojan.Busky) -> No action taken.
c:\Test\0811\COL2\cpush0.dll (Adware.Sogou) -> No action taken.
c:\Test\0811\COL2\2008-11-21___525009.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___589992.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___85290.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___925594.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___1451943.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___1512794.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___1570969.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___1813918.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___2101262.exe (Spyware.OnlineGames) -> No action taken.
c:\Test\0811\COL2\2008-11-21___2520999.exe (Spyware.OnlineGames) -> No action taken.

显示全部楼层 · 发表于 2008-11-23 21:44:37

C:\Test\0811\COL2\0B340.com: Worm.Traxg-1 FOUND
C:\Test\0811\COL2\1.exe: Trojan.Packed-126 FOUND
C:\Test\0811\COL2\101646.exe: Trojan.Downloader.Agent-565 FOUND
C:\Test\0811\COL2\11.exe: Trojan.Crypted FOUND
C:\Test\0811\COL2\1D8CD9.EXE: Trojan.Downloader-19191 FOUND
C:\Test\0811\COL2\2008-11-21___1332624.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___1512794.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___1570969.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___1813918.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___2218952.exe: PUA.Packed.NPack-3 FOUND
C:\Test\0811\COL2\2008-11-21___2228876.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\2008-11-21___2482570.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\2008-11-21___2520999.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___2952116.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___589992.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___85290.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\2008-11-21___925594.exe: Trojan.Starter-12 FOUND
C:\Test\0811\COL2\4.ext: Trojan.Dropper-1805 FOUND
C:\Test\0811\COL2\8604.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\abc.exe: Trojan.Delf-1066 FOUND
C:\Test\0811\COL2\ainwp.exe: Trojan.Hupigon-19795 FOUND
C:\Test\0811\COL2\AlxRes061216.exe: Trojan.Spy-5716 FOUND
C:\Test\0811\COL2\atmQQ2.dll: Trojan.Crypted-4 FOUND
C:\Test\0811\COL2\BandObjs.dll: Trojan.Agent-24920 FOUND
C:\Test\0811\COL2\brew-tst2.exe: Worm.Fujack-6 FOUND
C:\Test\0811\COL2\brew-tst3.exe: W32.Xorer-23 FOUND
C:\Test\0811\COL2\C32Asm.exe: Neshta.B FOUND
C:\Test\0811\COL2\china.exe: Trojan.VB-123 FOUND
C:\Test\0811\COL2\Chinese.exe: Trojan.Lmir-27 FOUND
C:\Test\0811\COL2\ckds16.dll: Trojan.Fraudload-1494 FOUND
C:\Test\0811\COL2\comfiex.dll: Trojan.Downloader-34943 FOUND
C:\Test\0811\COL2\cpushd.dll: Adware.BHO-162 FOUND
C:\Test\0811\COL2\csjup.exe: Trojan.Downloader.Agent-267 FOUND
C:\Test\0811\COL2\ctfmona.exe: W32.Sality.Q-1 FOUND
C:\Test\0811\COL2\d.dll: W32.Agent-2 FOUND
C:\Test\0811\COL2\daemon.exe: W32.Sality.N FOUND
C:\Test\0811\COL2\dc.exe: Worm.VB-900 FOUND
C:\Test\0811\COL2\dnsq.dll: W32.Xorer-20 FOUND
C:\Test\0811\COL2\doc.pdf: Exploit.PDF-14 FOUND
C:\Test\0811\COL2\DPtQWqqpAFzoDo.dll: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\dsaf.exe: Trojan.Spy-12776 FOUND
C:\Test\0811\COL2\dwdsregt.exe: Adware.Zeno-1 FOUND
C:\Test\0811\COL2\ED.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\EntMian.exe: Trojan.Hupigon-13679 FOUND
C:\Test\0811\COL2\explorer.exe: Trojan.SdBot-6301 FOUND
C:\Test\0811\COL2\explorerw.exe: Trojan.Inject-601 FOUND
C:\Test\0811\COL2\found32.dll: Trojan.Crypted-3 FOUND
C:\Test\0811\COL2\Framdee.dll: Trojan.Downloader-50426 FOUND
C:\Test\0811\COL2\glk20.tmp: W32.Parite.B-dll-2 FOUND
C:\Test\0811\COL2\GOOD.exe: Worm.Tenga.A FOUND
C:\Test\0811\COL2\hehedebi.dll: Trojan.Spy-55283 FOUND
C:\Test\0811\COL2\hzmrtvlbvyzha.dll: Adware.Agent-2795 FOUND
C:\Test\0811\COL2\ie.exe: W32.Sality-1 FOUND
C:\Test\0811\COL2\IE7.0.exe: Trojan.Delf-911 FOUND
C:\Test\0811\COL2\intenat.exe: Trojan.Hupigon-12078 FOUND
C:\Test\0811\COL2\Internet Explorer.exe: Trojan.Blackhole-9 FOUND
C:\Test\0811\COL2\isass.exe: Trojan.Hider FOUND
C:\Test\0811\COL2\isassx.exe: Trojan.Hider FOUND
C:\Test\0811\COL2\keyq (1).exe: Trojan.Hacdef-246 FOUND
C:\Test\0811\COL2\Lcass.exe: Trojan.Win32.VB FOUND
C:\Test\0811\COL2\LeakCheck.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\lei53.tmp: W32.Parite.B-dll-1 FOUND
C:\Test\0811\COL2\linkinfo.dll: Trojan.Downloader-15464 FOUND
C:\Test\0811\COL2\LSASS.EXE: W32.Xorer-6 FOUND
C:\Test\0811\COL2\MediaTicketsInstaller.ocx: Trojan.Downloader.Mediatickets-3 FOUND
C:\Test\0811\COL2\ms.css: Trojan.Crypt-41 FOUND
C:\Test\0811\COL2\mse.exe: Trojan.Dropper-15688 FOUND
C:\Test\0811\COL2\MSIOFF10.MOD: Trojan.QQPass-904 FOUND
C:\Test\0811\COL2\muydicw.exe: Trojan.Spammer FOUND
C:\Test\0811\COL2\MZU_DRV.sys: Trojan.Proxy.Small-52 FOUND
C:\Test\0811\COL2\nbr2.dll: Trojan.Downloader.Small-2935 FOUND
C:\Test\0811\COL2\ncscv32.exe: Worm.Fujack-6 FOUND
C:\Test\0811\COL2\ncscv32c.exe: Worm.Fujack-6 FOUND
C:\Test\0811\COL2\netcfg.dll: W32.Xorer-12 FOUND
C:\Test\0811\COL2\nmview.dll: Trojan.Agent-24920 FOUND
C:\Test\0811\COL2\nope.dll: Trojan.SdBot-8235 FOUND
C:\Test\0811\COL2\nsi57.dll: Trojan.BHO-3947 FOUND
C:\Test\0811\COL2\nvscv32.exe: Worm.Fujack-2 FOUND
C:\Test\0811\COL2\nvscv32w.exe: Worm.Fujack-2 FOUND
C:\Test\0811\COL2\oosoldls.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\pmnoLeda.dll: Trojan.Vundo-9310 FOUND
C:\Test\0811\COL2\ProxyHunter.exe: Adware.Search-37 FOUND
C:\Test\0811\COL2\QzonePluse.exe: Trojan.Downloader-58651 FOUND
C:\Test\0811\COL2\rej.exe: Trojan.Crypted-3 FOUND
C:\Test\0811\COL2\runouce.exe: Worm.Runouce.b FOUND
C:\Test\0811\COL2\scrsys16_061216.scr: Trojan.Spy-165 FOUND
C:\Test\0811\COL2\selfupdate.exe: Worm.Tenga.A FOUND
C:\Test\0811\COL2\server.exe: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\SmartDownload.exe: Adware.Casino-18 FOUND
C:\Test\0811\COL2\smss.exe: W32.Xorer-2 FOUND
C:\Test\0811\COL2\SondMan.exe: Trojan.Gimmiv-8 FOUND
C:\Test\0811\COL2\spoolsv.exe: W32.Otwycal-6 FOUND
C:\Test\0811\COL2\startup.bat: Worm.VB-180 FOUND
C:\Test\0811\COL2\stub.exe: Trojan.Inject-1340 FOUND
C:\Test\0811\COL2\svchost.com: Neshta.B FOUND
C:\Test\0811\COL2\svchostss.exe: W32.Jeefo FOUND
C:\Test\0811\COL2\SVCHOTSx.EXE: Trojan.Dropper.Delf-65 FOUND
C:\Test\0811\COL2\svchsot.exe: Trojan.ShellHook-2 FOUND
C:\Test\0811\COL2\svcht.dll: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\svcr.exe: Trojan.Delf-240 FOUND
C:\Test\0811\COL2\SysInfo.dll: Trojan.Spy-52549 FOUND
C:\Test\0811\COL2\SysInfo.wmp: Trojan.Spy-9810 FOUND
C:\Test\0811\COL2\syskaka.dll: Trojan.Spy-23619 FOUND
C:\Test\0811\COL2\sysmgr.exe: W32.Davs.A-1 FOUND
C:\Test\0811\COL2\syssmss.exe: Worm.Mytob.IS FOUND
C:\Test\0811\COL2\tdumped.dll: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\TheMatrixHasYou.exe: Trojan.Downloader.Small-1700 FOUND
C:\Test\0811\COL2\update.exe: Trojan.Downloader.QQHelper FOUND
C:\Test\0811\COL2\upx.exe: Trojan.Small-3632 FOUND
C:\Test\0811\COL2\userinit.exe: Worm.Autorun-811 FOUND
C:\Test\0811\COL2\userlist.exe: Trojan.Iroffer-74 FOUND
C:\Test\0811\COL2\vcmgcd32.dll: W32.Sality.Q-2 FOUND
C:\Test\0811\COL2\vcmgcd32.dl_: W32.Sality.Q-2 FOUND
C:\Test\0811\COL2\VM303SCTI.EXE: PUA.Packed.NPack-2 FOUND
C:\Test\0811\COL2\vmdetdhc.exe: W32.Sality-1 FOUND
C:\Test\0811\COL2\v_v216F.tmp: Trojan.Spy-55627 FOUND
C:\Test\0811\COL2\v_v6816.tmp: Trojan.Spy-55926 FOUND
C:\Test\0811\COL2\v_v700.tmp: Trojan.Spy-55202 FOUND
C:\Test\0811\COL2\wcmlogon.dll: W32.Sality-2 FOUND
C:\Test\0811\COL2\wdfmgr.exe: Trojan.Killav-132 FOUND
C:\Test\0811\COL2\wdfmgr11.exe: Trojan.Killav-132 FOUND
C:\Test\0811\COL2\webdialer.exe: Dialer-175 FOUND
C:\Test\0811\COL2\winsys32_061216.dll: Adware.Baidu FOUND
C:\Test\0811\COL2\wmimgr32.dll: W32.Sality-4 FOUND
C:\Test\0811\COL2\xgjncrxl.exe: Trojan.Downloader.Dluca-15 FOUND
C:\Test\0811\COL2\xiaozhi.exe: Trojan.Delf-1066 FOUND
C:\Test\0811\COL2\XjNs.exe: Trojan.Downloader-53034 FOUND
C:\Test\0811\COL2\xopjvg.dll: Trojan.PcClient-822 FOUND
C:\Test\0811\COL2\XP-D41D8CD9.EXE: Trojan.Downloader-53376 FOUND
C:\Test\0811\COL2\yt.exe: Trojan.Crypt-41 FOUND
C:\Test\0811\COL2\zolaxxyk.dll: Trojan.Spy-53859 FOUND
C:\Test\0811\COL2\_rej.exe: Trojan.Crypted-3 FOUND
C:\Test\0811\COL2\_windows.exe: Trojan.Rbot.GEN-3 FOUND
C:\Test\0811\COL2\_zsk_zlu_zlope07UAX^QDITLNHKYXJZ.exe: Trojan.Proxy.Small-54 FOUND
C:\Test\0811\COL2\~.exe.4444890.exe: W32.Xorer-23 FOUND

[病毒样本] 11.22 500x

eset pass 90

回复 14楼 woai_jolin 的帖子

评分

NORMAN 345个，沙盘发现10个